summaryrefslogtreecommitdiff
path: root/fs/crypto/crypto.c
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2019-04-11 14:32:15 -0700
committerTheodore Ts'o <tytso@mit.edu>2019-04-16 18:57:09 -0400
commite37a784d8b6a1e726de5ddc7b4809c086a08db09 (patch)
tree965d40cec69107aba4324f72db93d896b12d0737 /fs/crypto/crypto.c
parentff5d3a97075c65731a46453d36e75b9cf925e165 (diff)
fscrypt: use READ_ONCE() to access ->i_crypt_info
->i_crypt_info starts out NULL and may later be locklessly set to a non-NULL value by the cmpxchg() in fscrypt_get_encryption_info(). But ->i_crypt_info is used directly, which technically is incorrect. It's a data race, and it doesn't include the data dependency barrier needed to safely dereference the pointer on at least one architecture. Fix this by using READ_ONCE() instead. Note: we don't need to use smp_load_acquire(), since dereferencing the pointer only requires a data dependency barrier, which is already included in READ_ONCE(). We also don't need READ_ONCE() in places where ->i_crypt_info is unconditionally dereferenced, since it must have already been checked. Also downgrade the cmpxchg() to cmpxchg_release(), since RELEASE semantics are sufficient on the write side. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/crypto/crypto.c')
-rw-r--r--fs/crypto/crypto.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
index 5efc494a4e38..098807788257 100644
--- a/fs/crypto/crypto.c
+++ b/fs/crypto/crypto.c
@@ -328,7 +328,7 @@ static int fscrypt_d_revalidate(struct dentry *dentry, unsigned int flags)
spin_lock(&dentry->d_lock);
cached_with_key = dentry->d_flags & DCACHE_ENCRYPTED_WITH_KEY;
spin_unlock(&dentry->d_lock);
- dir_has_key = (d_inode(dir)->i_crypt_info != NULL);
+ dir_has_key = fscrypt_has_encryption_key(d_inode(dir));
dput(dir);
/*